The government has notified new Aadhaar rules that allow face authentication while putting stronger limits on how Aadhaar data can be used.
These changes align with the Digital Personal Data Protection (DPDP) Act and clearly define how both government bodies and private companies can access Aadhaar legally.
The update signals a major shift in Aadhaar’s role beyond welfare schemes, especially as UIDAI prepares to launch a redesigned Aadhaar app for everyday identity checks.
Contents
What Do the New Aadhaar Rules Change?
The new rules officially recognise face authentication as a valid Aadhaar verification method, alongside fingerprints, iris scans and OTPs.
Earlier, facial verification was used only in limited government cases and lacked formal legal backing.
The rules also strengthen offline Aadhaar verification, allowing identity checks without connecting to UIDAI’s central database.
Users can now share digitally signed details through QR codes or mobile apps, making verification faster and safer.
Why Face Authentication Matters
Face authentication is useful where fingerprints or iris scans do not work well, or where organisations do not qualify as full Aadhaar Authentication User Agencies.
UIDAI says on-device face verification can act as a proof of presence, confirming that the Aadhaar holder is physically present at the location.
Importantly, biometric data does not need to be sent to UIDAI servers.
This opens the door for use cases such as event entry, hotel check-ins, gated communities and ticketed venues, similar to DigiYatra-style checks but beyond airports.
Stronger Privacy and Consent Controls
The rules place clear limits on Aadhaar use. Every request must be:
Purpose-specific
Based on explicit user consent
Restricted to minimum required data
This follows the DPDP Act, which aims to prevent data misuse and over-collection.
Aadhaar holders can approve or reject requests and share only selected details, such as age or photograph, instead of their full Aadhaar profile.
Bringing Private Aadhaar Use Into the Legal Framework
The government is also addressing a long-standing grey area in private-sector Aadhaar usage.
UIDAI has flagged that some businesses illegally accessed Aadhaar details through OTP-based logins.
By formally allowing offline verification, the new rules reduce the need for such workarounds and bring private Aadhaar use under clear legal boundaries.
How the New Aadhaar App Fits In
UIDAI officials say the upcoming Aadhaar app will put these rule changes into action.
The app will store Aadhaar credentials on the user’s device, support selective sharing via QR codes, and enable offline face-based verification.
This approach gives users more control over their data while making Aadhaar safer and more practical for everyday identity checks.